Man-in-the-Middle Attack on LAN

Your are the attacker who tries to intercept a victims traffic. Attacker and Victim use two same VMs. The attacker and the victim are located on the same switched Ethernet. Assume that the attacker knows the IP address of the victim.

Attacking Tools Provided:

wireshark

This is a well-known network protocol analyzer.

sendarp.exe

This program sends an arbitrary ARP reply message. You need tool to poison ARP cache. Please check reference section for the format of Ethernet frame and ARP reply message. (Run sendarp.exe from cygwin)

mim.exe

This program forwards intercepted traffic to the victim and the router. It also dumps the intercepted traffic to victim.captured file that can be viewed using wireshark. (Run mim.exe from cygwin)

Goal:

The goal of this assignment is to intercept the Internet traffic ofthe victim while not disrupting the service between them.

Things to submit:

Description of how you accomplished this assignment

Screenshots that proves that victim's ARP cache has been poisoned

Screenshots (wireshark window) that proves that attacker successfully captured victim's traffic.

Download the virtual machine from:

http://williams.comp.ncat.edu/IA_visualization_labs/ManInTheMiddleLab.html